buyandsave.savings.beneplace.com Open in urlscan Pro
54.165.223.213  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response buyandsave.savings.beneplace.com/	3 KB 2 KB	367ms 121ms	Document text/html	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash 6ef5984d1d95230d5961c0ee465c99c03ee122b7504eb43576b2930afe3ecad4 Security Headers Name Value Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options DENY Request headers :method GET :authority buyandsave.savings.beneplace.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Thu, 05 Nov 2020 20:21:53 GMT content-type text/html; charset=utf-8 server nginx/1.19.3 last-modified Thu, 05 Nov 2020 03:48:00 GMT vary Accept-Encoding etag W/"5fa375f0-aab" content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains x-frame-options DENY content-security-policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:*
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/	152 KB 23 KB	21ms 7ms	Stylesheet text/css	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 26746c2a4045b86af00989b08fc695ddbaece4cd7a0ab700920ed9fa190e6d9f Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://buyandsave.savings.beneplace.com Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 11 Feb 2019 19:24:11 GMT status 200 etag "1549913051" vary Accept-Encoding x-cache HIT content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 23237
GET H2	200	css fonts.googleapis.com/	3 KB 590 B	42ms 32ms	Stylesheet text/css	2a00:1450:4001:820::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 05 Nov 2020 18:47:40 GMT server ESF date Thu, 05 Nov 2020 20:21:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 05 Nov 2020 20:21:54 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/	125 KB 41 KB	69ms 41ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?client=gme-entertainmentbenefits&libraries=places Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash d2261f25f09d472c12eea4f3b6f04ecf626ab4eeb19d7ff90d6c0dcfa36ad78e Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip vary Accept-Language server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 status 200 cache-control public, max-age=1800 server-timing gfet4t7; dur=27 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42043 x-xss-protection 0 expires Thu, 05 Nov 2020 20:51:54 GMT
GET H2	200	styles.16f16abfe59bb913dab7.css buyandsave.savings.beneplace.com/	148 KB 18 KB	135ms 126ms	Stylesheet text/css	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/styles.16f16abfe59bb913dab7.css Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash d5d6559f00c2a691c1b19a3ad61f386bcfaee34442d0174d646cbe02e05ac5c0 Security Headers Name Value Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options DENY Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 05 Nov 2020 03:48:13 GMT server nginx/1.19.3 etag W/"5fa375fd-24f08" x-frame-options DENY content-type text/css status 200 content-security-policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	jquery-3.3.1.slim.min.js Show response code.jquery.com/	68 KB 24 KB	33ms 8ms	Script application/javascript	2001:4de0:ac19::1:b:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.slim.min.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1 Request headers Origin https://buyandsave.savings.beneplace.com Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip last-modified Sat, 20 Jan 2018 17:26:44 GMT server nginx status 200 etag W/"5a637bd4-1111d" vary Accept-Encoding x-hw 1604607714.dop213.fr8.t,1604607714.cds273.fr8.hn,1604607714.cds274.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24038
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	62ms 38ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 Request headers Origin https://buyandsave.savings.beneplace.com Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1296421 x-via cfworker/kv status 200 content-length 6646 cf-request-id 063babbb3700002bf2c73f6000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare etag "5eb03fa9-520c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uam1twc9fcUpK5ytpRj3XwGVaHcVA1Omw%2Besgqj4SxuCdJN2WN5c5TejUnwNPWe7H4Qd%2FYZRrhPLd8VWxQdkPa7%2FMLN8ChINUkWX0dbLRC7vMu7q4oiaX5UhfUEBHMuPCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5ed948a52da32bf2-FRA expires Tue, 26 Oct 2021 20:21:54 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.3.0/js/	55 KB 14 KB	19ms 8ms	Script text/javascript	2001:4de0:ac19::1:b:3b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/js/bootstrap.min.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 0b86e93ae07e8c3ee975204e6dbd53cbbce457b8f5e9c2397c4312285d488991 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://buyandsave.savings.beneplace.com Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 11 Feb 2019 19:24:20 GMT status 200 etag "1549913060" vary Accept-Encoding x-cache HIT content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 14651
GET H2	200	web-animations.min.js Show response cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/	47 KB 14 KB	37ms 13ms	Script application/javascript	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/web-animations.min.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b Security Headers Name Value Strict-Transport-Security max-age=15780000 Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 1289619 x-via cfworker/kv status 200 content-length 13763 cf-request-id 063babbb350000c28167a51000000001 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:51 GMT server cloudflare etag "5eb0402f-bad6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UO3YcoJHH8dP2v9IjWVHa5WwjYSmWIKuKu3Xnb2cmNVVvm4brxR%2BXHLTSGiywqiC9jsc3vOXIyp2oC7KsMsZjjR7CjUS1XsUY1o5I8RkKeDCZ5jv0AbZisGcBAAorpDPSw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes cf-ray 5ed948a52c3bc281-FRA expires Tue, 26 Oct 2021 20:21:54 GMT
GET H2	200	runtime.a4c6235fadc26a0f72d8.js Show response buyandsave.savings.beneplace.com/	3 KB 2 KB	128ms 120ms	Script application/javascript	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/runtime.a4c6235fadc26a0f72d8.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash 04fdfd7779a54f6b39245d28748139b844ad6f09f5a7b9f8da7b1cc7b6dd4e97 Security Headers Name Value Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options DENY Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 05 Nov 2020 03:47:56 GMT server nginx/1.19.3 etag W/"5fa375ec-a42" x-frame-options DENY content-type application/javascript; charset=utf-8 status 200 content-security-policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	polyfills.5db21e1223c124479f5c.js Show response buyandsave.savings.beneplace.com/	122 KB 40 KB	232ms 225ms	Script application/javascript	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash 4d957cfafa3665b23297c650aa2a2dcf2adad92c0e6d1c8653ab10368c43ca70 Security Headers Name Value Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options DENY Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 05 Nov 2020 03:48:50 GMT server nginx/1.19.3 etag W/"5fa37622-1e88a" x-frame-options DENY content-type application/javascript; charset=utf-8 status 200 content-security-policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	main.f30c62f13118d090f280.js Show response buyandsave.savings.beneplace.com/	3 MB 725 KB	334ms 328ms	Script application/javascript	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/main.f30c62f13118d090f280.js Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash 904aaf7bc38fc2b871e3e2c1b3a159c4a40e35dae2bae94a906eae37a62345f7 Security Headers Name Value Content-Security-Policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options DENY Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 05 Nov 2020 03:48:00 GMT server nginx/1.19.3 etag W/"5fa375f0-2ff1b5" x-frame-options DENY content-type application/javascript; charset=utf-8 status 200 content-security-policy frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval', frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	S6uyw4BMUTPHjx4wXiWtFCc.woff2 fonts.gstatic.com/s/lato/v17/	14 KB 14 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://buyandsave.savings.beneplace.com Referer https://fonts.googleapis.com/css?family=Lato:300,400,700,900 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 29 Oct 2020 23:28:06 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:12:59 GMT server sffe age 593628 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14044 x-xss-protection 0 expires Fri, 29 Oct 2021 23:28:06 GMT
GET H2	200	info Show response buyandsave.savings.beneplace.com/api/	4 KB 2 KB	133ms 133ms	XHR text/html	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/api/info Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash ceedc72ca4d85458f812496494828923104f715deabe0fa876c0a216530c3d2d Request headers Accept application/json, text/plain, */* Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT content-encoding gzip status 200 server nginx/1.19.3 x-powered-by etag W/"e7a-bl3sIolTIugWCMvqXySqAxlkgH8" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-headers Origin, Referer, X-Requested-With, Content-Type, Authorization expires Thu, 05 Nov 2020 20:21:53 GMT
GET H2	200	controls Show response buyandsave.savings.beneplace.com/api/	1 KB 2 KB	135ms 134ms	XHR application/json	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/api/controls Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash b72affe48a5b54bb302184306c25124feb3b5e8cf81595f76e1cb863fcbd6ce3 Request headers Accept application/json, text/plain, */* Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:54 GMT server nginx/1.19.3 x-powered-by etag W/"5f4-Fs71i1H+0jWV5l9G/qA/E5MOIF0" status 200 access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-headers Origin, Referer, X-Requested-With, Content-Type, Authorization content-length 1524 expires Thu, 05 Nov 2020 20:21:53 GMT
GET H2	200	marketplace-styles.css Show response buyandsave.savings.beneplace.com/api/	25 KB 26 KB	292ms 292ms	XHR text/css	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/api/marketplace-styles.css Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash 7ffe0729b0a074dc79ec02b5eae3e9dfacdf862f454f5b5bef8aec0d01f5267a Request headers Accept application/json, text/plain, */* Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:55 GMT server nginx/1.19.3 x-powered-by etag W/"65bf-EQ/Tz+dQwQx2fHba5oKVSfdXBp8" status 200 access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS content-type text/css; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-headers Origin, Referer, X-Requested-With, Content-Type, Authorization content-length 26047 expires Thu, 05 Nov 2020 20:21:54 GMT
GET DATA	200 OK	truncated /	38 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	gtm.js Show response www.googletagmanager.com/	77 KB 30 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/main.f30c62f13118d090f280.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e4ee50184793fcd214f6f97b91f853a0dcb34482251491b0e510c91682e9e820 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:55 GMT content-encoding br vary Accept-Encoding status 200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30530 x-xss-protection 0 last-modified Thu, 05 Nov 2020 19:27:49 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 05 Nov 2020 20:21:55 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	95 KB 37 KB	16ms 16ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-2876877-9 Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/main.f30c62f13118d090f280.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5f90ab7d046c526349868c15a26509cc3fd5a7b31c8d74a929967a6a0f4b1684 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:55 GMT content-encoding br vary Accept-Encoding status 200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38304 x-xss-protection 0 last-modified Thu, 05 Nov 2020 19:27:49 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 05 Nov 2020 20:21:55 GMT
GET H2	200	info buyandsave.savings.beneplace.com/api/	5 KB 2 KB	218ms 217ms	XHR text/html	54.165.223.213 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://buyandsave.savings.beneplace.com/api/info?authInfo=true Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.165.223.213 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-165-223-213.compute-1.amazonaws.com Software nginx/1.19.3 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 05 Nov 2020 20:21:55 GMT content-encoding gzip status 200 server nginx/1.19.3 x-powered-by etag W/"13a4-IftqQWATqfe21RMNb7x+PdKqRbc" vary Accept-Encoding access-control-allow-methods GET,PUT,POST,PATCH,DELETE,OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 access-control-allow-headers Origin, Referer, X-Requested-With, Content-Type, Authorization expires Thu, 05 Nov 2020 20:21:54 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QN8HWM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 1950 date Thu, 05 Nov 2020 19:49:25 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Thu, 05 Nov 2020 21:49:25 GMT
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	2 B 80 B	14ms 14ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=892346055&t=pageview&_s=1&dl=https%3A%2F%2Fbuyandsave.savings.beneplace.com%2F&ul=en-us&de=UTF-8&dt=Buy%20and%20Save&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=102877990&gjid=1879298693&cid=2036969158.1604607715&tid=UA-2876877-9&_gid=797841088.1604607715&_r=1&gtm=2wgas15QN8HWM&z=1209069605 Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 05 Nov 2020 20:21:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type text/plain access-control-allow-origin https://buyandsave.savings.beneplace.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 97 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c07::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-2876877-9&cid=2036969158.1604607715&jid=102877990&gjid=1879298693&_gid=797841088.1604607715&_u=YEBAAEAAAAAAAC~&z=1503968606 Requested by Host: buyandsave.savings.beneplace.com URL: https://buyandsave.savings.beneplace.com/polyfills.5db21e1223c124479f5c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://buyandsave.savings.beneplace.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 05 Nov 2020 20:21:55 GMT status 200 content-type text/plain access-control-allow-origin https://buyandsave.savings.beneplace.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		authorize auth.savings.beneplace.com/auth/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

auth.savings.beneplace.com

URL

https://auth.savings.beneplace.com/auth/authorize?subdomain=buyandsave&response_type=code&client_id=9ezalirn45mF43imJTdf53&redirect_uri=https%3A%2F%2Fbuyandsave.savings.beneplace.com%2F

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beneplace.com/	1970-01-19 13:44:54	Name: _gid Value: GA1.2.797841088.1604607715
			.beneplace.com/	1970-01-19 13:43:27	Name: _gat_UA-2876877-9 Value: 1
			.beneplace.com/	1970-01-20 07:14:39	Name: _ga Value: GA1.2.2036969158.1604607715

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-src *.beneplace.com:* *.workingadvantage.com:* 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:*
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

auth.savings.beneplace.com
buyandsave.savings.beneplace.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
auth.savings.beneplace.com
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:3b
2606:4700::6810:125e
2a00:1450:4001:803::2008
2a00:1450:4001:803::200e
2a00:1450:4001:808::200a
2a00:1450:4001:817::2003
2a00:1450:4001:820::200a
2a00:1450:400c:c07::9d
54.165.223.213
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
04fdfd7779a54f6b39245d28748139b844ad6f09f5a7b9f8da7b1cc7b6dd4e97
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0b86e93ae07e8c3ee975204e6dbd53cbbce457b8f5e9c2397c4312285d488991
26746c2a4045b86af00989b08fc695ddbaece4cd7a0ab700920ed9fa190e6d9f
4d957cfafa3665b23297c650aa2a2dcf2adad92c0e6d1c8653ab10368c43ca70
550aefc454b2a6bd34a31c5e83de5266c41510f702dbdf9f87ab3b25649a4741
5f90ab7d046c526349868c15a26509cc3fd5a7b31c8d74a929967a6a0f4b1684
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ef5984d1d95230d5961c0ee465c99c03ee122b7504eb43576b2930afe3ecad4
7ffe0729b0a074dc79ec02b5eae3e9dfacdf862f454f5b5bef8aec0d01f5267a
904aaf7bc38fc2b871e3e2c1b3a159c4a40e35dae2bae94a906eae37a62345f7
b72affe48a5b54bb302184306c25124feb3b5e8cf81595f76e1cb863fcbd6ce3
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
ceedc72ca4d85458f812496494828923104f715deabe0fa876c0a216530c3d2d
d2261f25f09d472c12eea4f3b6f04ecf626ab4eeb19d7ff90d6c0dcfa36ad78e
d5d6559f00c2a691c1b19a3ad61f386bcfaee34442d0174d646cbe02e05ac5c0
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4ee50184793fcd214f6f97b91f853a0dcb34482251491b0e510c91682e9e820